{
  "schema_version": "1.4.0",
  "id": "GHSA-8258-9w54-3r97",
  "modified": "2022-05-17T04:18:52Z",
  "published": "2022-05-17T04:18:52Z",
  "aliases": [
    "CVE-2014-9424"
  ],
  "details": "Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9424"
    },
    {
      "type": "WEB",
      "url": "https://github.com/robertbachmann/openbsd-libssl/commit/62a110d447bb8c16a4c69629e28a42e8c39fd7e0"
    },
    {
      "type": "WEB",
      "url": "https://code.google.com/p/google-security-research/issues/detail?id=202"
    }
  ],
  "database_specific": {
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-29T00:59:00Z"
  }
}